A federal learning backdoor defense method based on gradient screening and weight adjustment

The federated learning backdoor defense method using gradient filtering and weight adjustment resolves the contradiction between defense effectiveness and model performance in existing technologies, achieving efficient and robust backdoor attack defense, and is suitable for complex data environments.

CN120979739BActive Publication Date: 2026-06-19NANKAI UNIV

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
NANKAI UNIV
Filing Date
2025-08-20
Publication Date
2026-06-19

Smart Images

  • Figure CN120979739B_ABST
    Figure CN120979739B_ABST
Patent Text Reader

Abstract

This invention discloses a backdoor defense method for federated learning based on gradient filtering and weight adjustment, relating to the field of federated learning security. The method first identifies and eliminates potential anomalous updates through gradient adaptive sparsity, cluster analysis, and anomaly detection to reduce redundant information and lower the risk of malicious attacks. Then, during the aggregation process, the weights of each client are adaptively adjusted based on factors such as gradient similarity, optimizing the model aggregation process and ensuring that the contributions of benign clients are effectively utilized while mitigating the impact of malicious clients. Compared with existing defense algorithms, this invention can effectively resist various backdoor attacks without significantly sacrificing model accuracy. It exhibits superior defense performance, robustness, and low computational complexity in different data environments and can be widely applied to various federated learning systems.
Need to check novelty before this filing date? Find Prior Art